The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Category Archives: Uncategorized
The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites. Go to Source Author: Elizabeth Montalbano, Contributing Writer
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. Go to Source Author: John Klossner
We can’t put defense on hold until Inauguration Day. Go to Source Author: Christy Wyatt
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard […]
The deal adds Phylum’s technology for malicious package analysis, detection, and mitigation to Veracode’s software composition analysis portfolio. Go to Source Author: Fahmida Y. Rashid
It’s time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing […]
Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute commands shells, demonstrating a significant evolution. “The […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday said there are no indications that the cyber attack targeting the Treasury Department impacted other federal agencies. The agency said it’s working closely with the Treasury Department and BeyondTrust to get a better understanding of the breach and mitigate its impacts. “The security of federal […]
Taiwan-based Moxa has warned of two security vulnerabilities impacting its cellular routers, secure routers, and network security appliances that could allow privilege escalation and command execution. The list of vulnerabilities is as follows – CVE-2024-9138 (CVSS 4.0 score: 8.6) – A hard-coded credentials vulnerability that could allow an authenticated user to escalate privileges and gain […]